Compromised admin account was the source of Apple, Facebook and Twitter exploits

SOFTWARE DEVELOPER WEBSITE iphonedevsdk.com has admitted that it might have been the source of a malware attack that exploited vulnerabilities in Mac OS X to infect machines at major technology firms including Apple, Facebook and Twitter.

"The hackers used this account to modify our theme and inject Javascript into our site," Sefferman wrote in the blog post. "That Javascript appears to have used a sophisticated, previously unknown exploit to hack into certain users' computers."

Sefferman admitted that the team is still trying to determine the exploit's timeline and details, but it appears as though the hacker ended the attack on 30 January, 2013. He also apologised for the "inconvenience" and added that they will work "tirelessly" to ensure users' data is secure.

According to an unidentified Apple source, the exploit was used against it and its customers' hardware and was "the first really big attack on Macs".

Apple said it is confident that no data was lost or stolen. "Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers," it said in a statement.

F-Secure security researcher Sean Sullivan noted on the F-Secure blog that the attacks showed a high degree of planning and skill, using previously unknown vulnerabilities and targeting high-value users.

"Macs typically account for about 15 percent of internet users, making them too small a target to attract the attention of most hackers," Sullivan wrote. "But in the 'developer world', Macs have a much higher percentage of market share. In Silicon Valley we'd guesstimate [that] it's probably the inverse of the real-world: 85 percent." µ